Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacked Syrian Officials Used '12345' As Email Password

Posted by samzenpus on from the I've-got-the-same-combination-on-my-luggage dept.

Nominei writes "The Israeli newspaper Haaretz reports that the Syrian President, aides and staffers had their email hacked by Anonymous, who leaked hundreds of emails online. Reportedly, many of the accounts used the password '12345' (which their IT department probably warned them to change when the accounts got set up, of course)."

29 of 231 comments (clear)

  1. That's amazing by Anamelech · · Score: 5, Funny

    I've got the same combination on my luggage!

    1. Re:That's amazing by LoverOfJoy · · Score: 4, Funny

      It wouldn't surprise me if another anonymous hacker beat them to it and changed their addresses to 12345 for the lulz.

    2. Re:That's amazing by Vintowin · · Score: 5, Insightful

      I've got the same combination on my luggage!

      Came for this, leaving satisfied!! This thread will go to plaid soon.

    3. Re:That's amazing by cashman73 · · Score: 5, Funny

      I wonder if their President is surrounded by assholes, too?

    4. Re:That's amazing by Frosty+Piss · · Score: 4, Insightful

      Why do you insult neanderthals?

      --
      If you want news from today, you have to come back tomorrow.
    5. Re:That's amazing by Anonymous Coward · · Score: 4, Funny

      In this case, the President is an asshole, too.

      Well, yes. If you draw a Venn diagram of assholes and presidents, I am fairly certain that the latter is wholly contained within the former.

    6. Re:That's amazing by bosef1 · · Score: 5, Funny

      Oh, I see how it works. Sure, you let them clean your clothes, serve your food, teach your children. Heck, you'll even let them represent you politically (I've lived in DC, I've seen Congress). But the minute they display the first inkling of self-respect and self-organization, it's "Neanderthals aren't 'smart' enough", "Neanderthals are another species", "Neanderthals are extinct".

      I see how it works, alright. You're afraid. Afraid to come out of your shell and admit your true feelings. It's easy enough to hate, but you're just to afraid... to love.

  2. Only 12345? by froggymana · · Score: 5, Funny

    I thought that everyone knew to use at least 123456 as their password. After all that increases its security by an order of magnitude!

    --
    "To prevent this day from getting any worse, I'll just read ERROR as GOOD THING" 1GJU8xLuDKDxEs4KLf8fAGyptoDsqvEsBT
  3. IT did warn them by Anonymous Coward · · Score: 5, Funny

    then the IT guy got taken into the alley and shot in the head for his impudence.

    1. Re:IT did warn them by HSonger · · Score: 5, Funny

      The IT group probably forgot to install the Unicode language pack on their machines so the only Arabic they could put in were numerals.

    2. Re:IT did warn them by mjwx · · Score: 5, Funny

      The IT guy was then shot again, for his incompetence.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
  4. You know... by koan · · Score: 4, Insightful

    Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak, virtually no one uses strong passwords.

    --
    "If any question why we died, Tell them because our fathers lied."
    1. Re:You know... by arth1 · · Score: 5, Insightful

      Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak

      No surprise there.

      , virtually no one uses strong passwords.

      Non sequitur. The published passwords are weak because that's the passwords that were easily cracked. Those who have strong passwords are underrepresented on the lists precisely because they have stronger passwords so they weren't brute-forced easily.

      IT departments and well-meaning distro packagers have to take some of the blame too. I can't choose a password like Zph9vZZZ3tPseX4 because it has Z repeated 3 times, and contains a word found in a dictionary?
      Fuck that then, I'll go with abcd1234 instead. Oh, and I have to change it every four weeks? Next time it will be 1234abcd, then abcd12345 and 12345abcd - catch my drift?

    2. Re:You know... by Dwonis · · Score: 4, Insightful

      Every time I go to pastebin.com and look at the hacked sites the passwords are always weak, extremely weak

      No surprise there.

      , virtually no one uses strong passwords.

      Non sequitur. The published passwords are weak because that's the passwords that were easily cracked. Those who have strong passwords are underrepresented on the lists precisely because they have stronger passwords so they weren't brute-forced easily.

      Sure, but every now and then, some *site* uses a poor hash, which allows people like me to do research on password strength and frequency. These results don't exhibit the selection bias you're talking about, because they're a full dump of passwords on the site. This is just for one specific site, but I found that 36% of all passwords were easily discoverable using a rainbow table, 33% of passwords weren't unique, and 1 in 72 users had the password "super123" for some reason.

      I actually had a list of email addresses and their corresponding passwords for the site. I wouldn't be surprised if a lot of these passwords could also be used to get access to their corresponding GMail/Yahoo/Hotmail accounts (but I didn't test it out, because I enjoy not being in jail).

    3. Re:You know... by LordLucless · · Score: 4, Interesting

      yep never use the same user name or password for different sites you care about, at the minimum.

      FTFY. I mean, really, nobody has the mental capacity to remember a unique, strong password for every titchy site they have an account on.

      Me, I have a strong, unique password for the handful of things that deserve it (My workstation, email, banking, facebook) and then a common password that I use among all the other sites, that I really don't care about being compromised.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    4. Re:You know... by arth1 · · Score: 4, Interesting

      Sure, but every now and then, some *site* uses a poor hash, which allows people like me to do research on password strength and frequency. These results don't exhibit the selection bias you're talking about, because they're a full dump of passwords on the site. This is just for one specific site, but I found that 36% of all passwords were easily discoverable using a rainbow table, 33% of passwords weren't unique, and 1 in 72 users had the password "super123" for some reason.

      The link you provide supports that this is selection bias - he cracked 26025 out of 93688 passwords, and then made the brilliant deduction that boils down to "of those passwords that I easily cracked, most were found to be easily cracked". No shit, Sherlock.

      Sure, that 36% of passwords are easily cracked is bad in itself, but that's another thing entirely. It can't be used as statistics to extrapolate anything using the word "most". It only applies to that subset of weak password.

      I also have to arrest you for " I found that 36% of all passwords were easily discoverable using a rainbow table". This is incorrect. 100% of all passwords are easily discoverable using a rainbow table. 36% may be easily discoverable using a partial rainbow table, which is not the same thing.

  5. Palin Popcorn Password by kenh · · Score: 4, Insightful

    Is this really 'hacking' when you guess the password?

    Reminds me of the script-kiddie who 'hacked' into Sarah Palin's email account once he successfully guessed her password was 'popcorn'...

    Wonder how he's doing in prison?

    --
    Ken
    1. Re:Palin Popcorn Password by Dwedit · · Score: 4, Informative

      That never happened.

      Someone guessed Sarah Palin's security questions (such as "Where did you first meet your spouse" with the answer of her high school in Alaska), and got into the account. Then the password was changed to popcorn.

  6. Re:12345 by flyingsquid · · Score: 4, Insightful

    If a bunch of kids could hack into Syran government email by typing "12345", you'd imagine that at least one of the big cyberwarfare or intelligence units out there- the U.S., Israel, or China- would have thought of the same trick and has already been monitoring their communications for a while. At least you'd hope so. I'd hate to think that right now there are of a couple of NSA agents looking at each other and saying, "12345... hey, why didn't we think of that?"

  7. Assads email wasn't hacked by highwaytohell · · Score: 4, Informative

    It was just the dept staff. Looked like it was hacked through the webmail portal of mopa.gov.sy. The only thing of note was the exchange re the Barbara Walters visit. The Ministry of Presidential Affairs is basically his marketing department. Whilst one would hope they busted into this despots email, the truth is they did no such thing.

  8. Re:12345 by ceoyoyo · · Score: 5, Funny

    Or a couple of NSA agents looking at each other and saying "shit, I've got to go change my password."

  9. Re:Incredibly stupid by ceoyoyo · · Score: 4, Funny

    Well, it was their own e-mail....

    Speaking of which, people who don't put objects in their sentences shouldn't even have written them. ;)

  10. Re:12345 by Culture20 · · Score: 5, Insightful

    Or a couple of NSA agents looking at each other and saying "shit, now we can't read their email"

  11. Comment removed by account_deleted · · Score: 4, Interesting

    Comment removed based on user account deletion

  12. Hacker walk of shame by Anonymous Coward · · Score: 4, Funny

    As the hacker saw much to his horror that the Syrian President's e-mail password was indeed 12345 he tried to break the connection but it was too late. Word had spread and all knew that his most important hack was one that a five year old could have bested. A week later the hacker was found with a gun in his mouth and the numbers "12345" scrawled across his walls. His last e-mail was a simple "Who uses 12345 as a password!" Other hackers said that it was a tragedy that he would be remembered for one lame hack. Word came later that day that the Syrian President had beefed up security by using his son's name as his current password. Hackers world wide turned away in disgust and refused to stoop to hacking some one that lacked even basic internet skills.

    Some turned their attention to hacking President Obama's e-mail until it was found he used the password "Romneysucksballs". No hacker would dignify such a password with a hack. Later that day it was revealed that Bill Gates used "stevejobsisaweiner" as his password but most knew this was the case since the late 90s.

  13. Re:12345 by rahvin112 · · Score: 4, Informative

    Governments will go to extreme lengths to avoid revealing when they have access to information that the "enemy" thinks is secure. The allies went to very extreme measures to avoid tipping the Germans off that they had access to all the communications that went out on the Enigma machine. This included letting their own troops be ambushed and killed and massive use of resources and manpower to cover up when they did use the information, such as flying a hundred aerial survey missions to cover up knowing the travel path of a sea convoy.

  14. Re:Mine is 54321 by goombah99 · · Score: 5, Funny

    Fool! passwords need to be 8 digits at least. Mine is 1234567891011 It goes to 11, for extra security.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  15. Re:12345 by ArundelCastle · · Score: 5, Funny

    The Papal and Italian agencies turn to their roots for cipher strength: IIIIIIIVV

  16. Re:Mine is 54321 UNREAL by gmuslera · · Score: 4, Informative

    Or this approach for secure passwords. You must make it hard to guess by other people or brute force approachs, not hard to remember .